require 'json'
require 'rack/oauth2'
# NOTE(security): debug! switches on rack-oauth2's HTTP debug logging. In this
# script the logged traffic includes the token request (client secret and
# authorization code) and the token response (access token), so keep the output
# out of shared terminals and log files, and drop this line outside local
# experiments.
Rack::OAuth2.debug!

# Settings for the Salesforce connected app. The angle-bracket values are
# placeholders to be filled in by the reader; supply the real client secret at
# run time (for example from the environment) rather than saving it in the file.
client_settings = {
  identifier: '<YOUR-CLIENT-ID>',
  secret: '<YOUR-CLIENT-SECRET>',
  authorization_endpoint: 'https://login.salesforce.com/services/oauth2/authorize',
  token_endpoint: 'https://login.salesforce.com/services/oauth2/token',
  redirect_uri: '<YOUR-CALLBACK-URL>'
}
client = Rack::OAuth2::Client.new(client_settings)
# Returns the absolute URL of a SCIM v1 resource on the Salesforce domain.
#
# The resource is appended to the base endpoint with File.join, which collapses
# duplicate slashes at the seam but does not URL-escape or otherwise validate
# the value, so pass only fixed, trusted resource paths.
#
# @param resource [String] path below the SCIM base endpoint, e.g. 'Users'
# @return [String] the joined URL
def endpoint_for(resource)
  File.join('https://<YOUR-DOMAIN>.my.salesforce.com/services/scim/v1', resource)
end
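# Mixin for an access token object: sends a JSON request to a SCIM resource
# through the token's own HTTP verb methods and pretty-prints the JSON response.
module JSONized
  # HTTP verbs that request_to is willing to dispatch to the token object.
  ALLOWED_HTTP_METHODS = %w[get post put patch delete].freeze

  # Issues a request against a SCIM resource and prints the parsed response.
  #
  # @param resource [String] path below the SCIM base endpoint, e.g. 'Users'
  # @param method [Symbol, String] HTTP verb, one of ALLOWED_HTTP_METHODS
  # @param params [Hash, nil] payload, serialized to JSON when present
  # @raise [ArgumentError] if +method+ is not an allowed HTTP verb
  # @raise [JSON::ParserError] if the response body is not valid JSON
  # @return [nil]
  def request_to(resource, method: :get, params: nil)
    verb = method.to_s
    unless ALLOWED_HTTP_METHODS.include?(verb)
      raise ArgumentError, "unsupported HTTP method: #{method.inspect}"
    end

    # public_send plus the allow-list keeps a stray value from invoking an
    # arbitrary (possibly private) method on the token object.
    response = public_send verb, endpoint_for(resource), params&.to_json, 'Content-Type': 'application/json'
    # NOTE(review): the status code is not inspected; an error response is
    # printed the same way as a success, so read the output before relying on it.
    puts JSON.pretty_generate(JSON.parse(response.body))
  end
end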
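# Build the authorization request URL; only the `api` scope is requested.
# NOTE(review): no `state` value is sent. The code is pasted in by hand below,
# so nothing in this script could verify one; a web callback handler built on
# this flow would need to add and check it.
authorization_uri = client.authorization_uri(
  scope: [:api]
)

# Pass the URL to `open` as a separate argument instead of interpolating it
# into a backtick command string, so no shell ever parses the URL.
system 'open', authorization_uri.to_s

# `print` returns nil, so `print ... and STDOUT.flush` never reached the flush;
# run the two statements separately.
print 'code: '
$stdout.flush

# Read from the terminal explicitly and strip surrounding whitespace. `chop`
# removed the last character unconditionally, which truncates the code when the
# input does not end in a newline, and `gets` returns nil at end of input.
code = $stdin.gets.to_s.strip
abort 'no authorization code entered' if code.empty?

client.authorization_code = code
# NOTE(review): :body presumably makes rack-oauth2 send the client credentials
# in the request body; confirm against the gem version in use.
token = client.access_token! :body
token.extend JSONized

# token.request_to 'Entitlements' # => Run this first and take the identifier of the appropriate Entitlement (e.g. Standard User) from its response.
token.request_to 'Users', method: :post, params: {
  externalId: '<OIDC-SUBJECT-VALUE>',
  userName: 'some-user@your-idp.example.comp',
  name: {
    familyName: 'User',
    givenName: 'Some'
  },
  emails: [{
    value: 'some-user@your-idp.example.com'
  }],
  entitlements: [{
    value: '<ENTITLEMETN-ID>'
  }]
}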